The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Risks of SSH

Discussion in 'General Discussion' started by dan_c, Jul 25, 2005.

  1. dan_c

    dan_c Active Member

    Joined:
    Jul 23, 2005
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    6
    I have a feeling this has already been asked, but I did not see anything when I ran a search:

    What are the security risks of enabling shell access (SSH) for clients? Could they cause harm to files outside their /home/user file? What is the downside to enabling SSH, and what is the upside for the client? I am assuming this is not root control that is given to the user, and I am just unsure of what access/control the user is given.
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Security is about layers and allowing SSH access weakens your security of your server. Some say considerably, some say not so much, but weakening it you are. There are very few reasons for needing shell access as a user and unless a user can demonstrate that they require it and you trust them and they can work within a jailshell, then I would not recommend allowing it.

    Most of what you can exploit from shell you can do from a CGI script, but it can often be far easier if you have shell access and exposing your server to the risk seems pointless unless there's a burning need - IMO.
     
  3. dan_c

    dan_c Active Member

    Joined:
    Jul 23, 2005
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    6
    ok yea thats what i was afraid of. thanks
     
Loading...

Share This Page